Engineering Commons^™

Assessing Risk In Iot Devices, David Levitsky

Master's Theses

The explosive growth of the Internet of Things ecosystem has thrust these devices into the center of our lives. Unfortunately, the desire to create these devices has been stronger than the one to secure them. Recent attacks have shown us ignoring security in Internet of Things devices can cause severe harm in both a digital and physical sense. This thesis outlines a framework for developers and managers to assess the risk of IoT devices using a weighted scoring system across five different categories. Our case studies suggest that devices with higher security considerations have a better security posture and lower …

Hybrid Black-Box Solar Analytics And Their Privacy Implications, Dong Chen

Doctoral Dissertations

The aggregate solar capacity in the U.S. is rising rapidly due to continuing decreases in the cost of solar modules. For example, the installed cost per Watt (W) for residential photovoltaics (PVs) decreased by 6X from 2009 to 2018 (from $8/W to $1.2/W), resulting in the installed aggregate solar capacity increasing 128X from 2009 to 2018 (from 435 megawatts to 55.9 gigawatts). This increasing solar capacity is imposing operational challenges on utilities in balancing electricity's real-time supply and demand, as solar generation is more stochastic and less predictable than aggregate demand. To address this problem, both academia and utilities have …

Aviation Cybersecurity: An Overview, Gary C. Kessler, J. Philip Craiger

National Training Aircraft Symposium (NTAS)

Information security—aka cybersecurity—is the most rapidly growing threat to critical infrastructures, including the aviation industry. Due to the plethora of digital devices, ubiquity of the Internet and other networks, and the rapid growth in the adoption of technology, everyone is an information system security manager. Every professional in the aviation and aeronautics industry use computers, mobile devices, tablets, GPS devices, and/or other hardware on a daily basis, as well as go online for a variety of reasons.

Attacks on information have been ongoing since the inception of the industry a hundred years ago, in such forms as intellectual property theft …

Survey Results On Adults And Cybersecurity Education, Frank Breitinger, Joseph Ricci, Ibrahim Baggili

Electrical & Computer Engineering and Computer Science Faculty Publications

Cyberattacks and identity theft are common problems nowadays where researchers often say that humans are the weakest link in the security chain. Therefore, this survey focused on analyzing the interest for adults for ‘cyber threat education seminars’, e.g., how to project themselves and their loved ones. Specifically, we asked questions to understand a possible audience, willingness for paying / time commitment, or fields of interest as well as background and previous training experience. The survey was conducted in late 2016 and taken by 233 participants. The results show that many are worried about cyber threats and about their children exploring …

Data Defenders, Madison Claire Cannon

Alumni Publications

No abstract provided.

User's Manual For Tardigrade Risk Assessment, Alexis M. Shook

University of New Orleans Theses and Dissertations

This user-guide provides instructions for operating Tardigrade 1.1.3, a cybersecurity software for Nollysoft, LLC. This guide instructs users step-by-step on how to set security controls, risk assessments, and administrative maintenance. Tardigrade 1.1.3 is a Risk Assessment Enterprise that evaluates the risk level of corporations and offers solutions to any security gaps within an organization. Tardigrade 1.1.3 is a role-based software that operates through three modules, Cybersecurity Assessment, Internal Control, and Security Requirement Traceability Matrix.

Ftc Regulating Cybersecurity Post Wyndham: An International Common Law Comparison On The Impact Of Regulation Of Cybersecurity, Andrew Z. R. Smith

Georgia Journal of International & Comparative Law

No abstract provided.

Cybersecurity Assessment And Mitigation Stochastic Model, Matthew W. Davis

Theses and Dissertations

With numerous cybersecurity incidents and vulnerability concerns in an increasingly contested cyber warfighting environment, the Department of Defense (DoD) has mandated cybersecurity assessment and authorization of all major weapon systems (MWS) before their use. In response to this direction, the Air Force Life Cycle Management Center (AFLCMC) created the Platform Information Technology Assessment and Authorization (PIT A&A) Process. Modeled after the NIST Risk Management Framework (RMF), this process applies a risk-based approach to cybersecurity with the goal of identifying risks and mitigating vulnerabilities in MWS. Within this work, a stochastic model of the PIT A&A Process is presented with an …

Employing A User-Centered Design Process For Cybersecurity Awareness In The Power Grid, Jean C. Scholtz, Lyndsey Franklin, Aditya Ashok, Katya Leblanc, Christopher Bonebrake, Eric Andersen, Michael Cassiadoro

Journal of Human Performance in Extreme Environments

In this paper, we discuss the process we are using in the design and implementation of a tool to improve the situation awareness of cyberattacks in the power grid. We provide details of the steps we have taken to date and describe the steps that still need to be accomplished. The focus of this work is to provide situation awareness of the power grid to staff from different, non-overlapping roles in an electrical transmission organization in order to facilitate an understanding of a possible occurrence of a cyberattack. Our approach follows a user-centered design process and includes determining the types …

Perceptions Of Female Cybersecurity Professionals Toward Factors That Encourage Females To The Cybersecurity Field, Kembley Kay Lingelbach

CCE Theses and Dissertations

Despite multiple national, educational, and industry initiatives, women continue to be underrepresented in the cybersecurity field. Only 11% of cybersecurity professionals, globally, are female. This contributes to the growing overall shortage of workers in the field. This research addressed the significant underrepresentation of females in the cybersecurity workforce. There are many practitioner and industry studies that suggest self-efficacy, discrimination and organizational culture play important roles in the low rate of women in the cybersecurity field. A limited number of scholarly studies identify causal factors; however, there is not a general consensus or framework to explain the problem thoroughly. Moreover, there …

Cyber Security And Risk Society: Estonian Discourse On Cyber Risk And Security Strategy, Lauren Kook

Copyright, Fair Use, Scholarly Communication, etc.

The main aim of this thesis is to call for a new analysis of cyber security which departs from the traditional security theory. I argue that the cyber domain is inherently different in nature, in that it is lacking in traditional boundaries and is reflexive in nature. Policy-makers are aware of these characteristics, and in turn this awareness changes the way that national cyber security strategy is handled and understood. These changes cannot be adequately understood through traditional understanding of security, as they often are, without missing significant details. Rather, examining these changes through the lens of Ulrich Beck’s risk …

Malware Analysis Skills Taught In University Courses, Swetha Gorugantu

Browse all Theses and Dissertations

Career opportunities for malware analysts are growing at a fast pace due to the evolving nature of cyber threats as well as the necessity to counter them. However, employers are often unable to hire analysts fast though due to a lack of the required skillset. Hence, the primary purpose of the thesis is to conduct a gap analysis between the binary analysis skills taught in universities with those that the recruiters are looking for. Malware can be analyzed using three main types of tools and techniques: high-level profiling, static analysis, and dynamic analysis. These methods provide detailed information about the …